[packages/gnupg] - updated to 1.4.19 (fixes CVE-2014-3591, some variation of CVE-2015-0837 and some DoS) - updated pl

qboosh qboosh at pld-linux.org
Mon Mar 2 21:12:23 CET 2015 

commit db44c396a9015e05da65269c530f80e938c584fe
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date:   Mon Mar 2 21:15:41 2015 +0100

    - updated to 1.4.19 (fixes CVE-2014-3591, some variation of CVE-2015-0837 and some DoS)
    - updated pl.po-update patch
    - removed obsolete texinfo patch

 gnupg-pl.po-update.patch |  64 +++++++-----------------------
 gnupg-texinfo.patch      | 101 -----------------------------------------------
 gnupg.spec               |  11 ++----
 3 files changed, 18 insertions(+), 158 deletions(-)
---
diff --git a/gnupg.spec b/gnupg.spec
index 9d4bfa0..fb8c536 100644
--- a/gnupg.spec
+++ b/gnupg.spec
@@ -12,16 +12,15 @@ Summary(ru.UTF-8):	GNU Privacy Guard - свободная замена PGP
 Summary(uk.UTF-8):	GNU Privacy Guard - вільна заміна PGP
 Summary(zh_CN.UTF-8):	GPL的PGP加密程序
 Name:		gnupg
-Version:	1.4.18
-Release:	3
+Version:	1.4.19
+Release:	1
 License:	GPL v3+
 Group:		Applications/File
 Source0:	ftp://ftp.gnupg.org/GnuPG/gnupg/%{name}-%{version}.tar.bz2
-# Source0-md5:	54db1be9588b11afbbdd8b82d4ea883a
+# Source0-md5:	3af4ab5b3113b3e28d3551ecf9600785
 Patch0:		%{name}-info.patch
 Patch1:		%{name}-pl.po-update.patch
 Patch2:		%{name}-fix.patch
-Patch3:		%{name}-texinfo.patch
 URL:		http://www.gnupg.org/
 BuildRequires:	automake >= 1:1.9.3
 BuildRequires:	bzip2-devel
@@ -179,7 +178,6 @@ kluczy.
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
-%patch3 -p1
 
 %{__rm} po/stamp-po
 
@@ -204,8 +202,7 @@ rm -rf $RPM_BUILD_ROOT
 
 # packaged as %doc
 %{__rm} $RPM_BUILD_ROOT%{_datadir}/gnupg/FAQ
-# packaged in gnupg2-common
-%{__rm} $RPM_BUILD_ROOT%{_mandir}/man7/gnupg.7
+
 %{__rm} -f $RPM_BUILD_ROOT%{_infodir}/dir
 
 %clean
diff --git a/gnupg-pl.po-update.patch b/gnupg-pl.po-update.patch
index 765597b..5722b93 100644
--- a/gnupg-pl.po-update.patch
+++ b/gnupg-pl.po-update.patch
@@ -1,54 +1,18 @@
---- gnupg-1.4.17/po/pl.po.orig	2014-06-23 17:19:03.000000000 +0200
-+++ gnupg-1.4.17/po/pl.po	2014-06-29 19:35:04.971073840 +0200
-@@ -776,7 +776,7 @@
+--- gnupg-1.4.19/po/pl.po.orig	2015-03-02 20:57:04.197366800 +0100
++++ gnupg-1.4.19/po/pl.po	2015-03-02 20:58:17.927363705 +0100
+@@ -3565,13 +3565,11 @@
  
- #: g10/card-util.c:1823
- msgid "gpg/card> "
+ #: g10/keyedit.c:3007
+ msgid "WARNING: Your encryption subkey expires soon.\n"
 -msgstr ""
-+msgstr "gpg/karta> "
++msgstr "UWAGA: podklucz szyfrujący wkrótce wygaśnie.\n"
  
- #: g10/card-util.c:1864
- msgid "Admin-only command\n"
-@@ -2454,14 +2454,13 @@
- msgstr "klucz %s: brak identyfikatora u�ytkownika\n"
+ #: g10/keyedit.c:3008
+-#, fuzzy
+-#| msgid "You can't change the expiration date of a v3 key\n"
+ msgid "You may want to change its expiration date too.\n"
+-msgstr "Nie można zmienić daty ważności klucza w wersji 3.\n"
++msgstr "Można także zmienić jego datę wygaśnięcia.\n"
  
- #: g10/import.c:795
--#, fuzzy, c-format
--#| msgid "skipped \"%s\": %s\n"
-+#, c-format
- msgid "key %s: %s\n"
--msgstr "pomini�ty ,,%s'': %s\n"
-+msgstr "klucz %s: %s\n"
- 
- #: g10/import.c:796 g10/import.c:1187
- msgid "rejected by import filter"
--msgstr ""
-+msgstr "odrzucony przez filtr importu"
- 
- #: g10/import.c:825
- #, c-format
-@@ -2584,10 +2583,9 @@
- msgstr "klucz %s: ,,%s'' bez zmian\n"
- 
- #: g10/import.c:1186
--#, fuzzy, c-format
--#| msgid "secret key \"%s\" not found: %s\n"
-+#, c-format
- msgid "secret key %s: %s\n"
--msgstr "klucz prywatny ,,%s'' nie zosta� odnaleziony: %s\n"
-+msgstr "klucz prywatny %s: %s\n"
- 
- #: g10/import.c:1206 g10/import.c:1229
- msgid "importing secret keys not allowed\n"
-@@ -2655,9 +2653,9 @@
- msgstr "klucz %s: nie obs�ugiwany algorytm asymetryczny\n"
- 
- #: g10/import.c:1504
--#, fuzzy, c-format
-+#, c-format
- msgid "key %s: invalid direct key signature\n"
--msgstr "klucz %s: dodano bezpo�redni podpis\n"
-+msgstr "klucz %s: b��dny podpis bezpo�redni\n"
- 
- #: g10/import.c:1517
- #, c-format
+ #: g10/keyedit.c:3069
+ msgid ""
diff --git a/gnupg-texinfo.patch b/gnupg-texinfo.patch
deleted file mode 100644
index 082e4ea..0000000
--- a/gnupg-texinfo.patch
+++ /dev/null
@@ -1,101 +0,0 @@
---- gnupg-1.4.14/doc/gpl.texi.orig	2013-07-19 11:38:00.000000000 +0200
-+++ gnupg-1.4.14/doc/gpl.texi	2013-08-23 15:18:00.047458315 +0200
-@@ -3,7 +3,8 @@
- @unnumbered GNU General Public License
- @center Version 3, 29 June 2007
- 
-- at c This file is intended to be included in another file.
-+ at c This file is intended to be included within another document,
-+ at c hence no sectioning command or @node.
- 
- @display
- Copyright @copyright{} 2007 Free Software Foundation, Inc. @url{http://fsf.org/}
-@@ -12,7 +13,7 @@
- license document, but changing it is not allowed.
- @end display
- 
-- at unnumberedsec Preamble
-+ at heading Preamble
- 
- The GNU General Public License is a free, copyleft license for
- software and other kinds of works.
-@@ -20,7 +21,7 @@
- The licenses for most software and other practical works are designed
- to take away your freedom to share and change the works.  By contrast,
- the GNU General Public License is intended to guarantee your freedom
--to share and change all versions of a program--to make sure it remains
-+to share and change all versions of a program---to make sure it remains
- free software for all its users.  We, the Free Software Foundation,
- use the GNU General Public License for most of our software; it
- applies also to any other work released this way by its authors.  You
-@@ -77,12 +78,7 @@
- The precise terms and conditions for copying, distribution and
- modification follow.
- 
-- at iftex
-- at unnumberedsec TERMS AND CONDITIONS
-- at end iftex
-- at ifinfo
-- at center TERMS AND CONDITIONS
-- at end ifinfo
-+ at heading TERMS AND CONDITIONS
- 
- @enumerate 0
- @item Definitions.
-@@ -228,7 +224,7 @@
- conditions:
- 
- @enumerate a
-- at item 
-+ at item
- The work must carry prominent notices stating that you modified it,
- and giving a relevant date.
- 
-@@ -659,13 +655,11 @@
- Program, unless a warranty or assumption of liability accompanies a
- copy of the Program in return for a fee.
- 
-- at iftex
-+ at end enumerate
-+
- @heading END OF TERMS AND CONDITIONS
-- at end iftex
-- at ifinfo
-- at center END OF TERMS AND CONDITIONS
-- at end ifinfo
-- at unnumberedsec How to Apply These Terms to Your New Programs
-+
-+ at heading How to Apply These Terms to Your New Programs
- 
- If you develop a new program, and you want it to be of the greatest
- possible use to the public, the best way to achieve this is to make it
-@@ -676,8 +670,9 @@
- to attach them to the start of each source file to most effectively
- state the exclusion of warranty; and each file should have at least
- the ``copyright'' line and a pointer to where the full notice is found.
-+
- @smallexample
-- at var{one line to give the program's name and a brief idea of what it does.}  
-+ at var{one line to give the program's name and a brief idea of what it does.}
- Copyright (C) @var{year} @var{name of author}
- 
- This program is free software: you can redistribute it and/or modify
-@@ -700,9 +695,10 @@
- notice like this when it starts in an interactive mode:
- 
- @smallexample
-- at var{program} Copyright (C) @var{year} @var{name of author} 
-+ at var{program} Copyright (C) @var{year} @var{name of author}
- This program comes with ABSOLUTELY NO WARRANTY; for details type @samp{show w}.
--This is free software, and you are welcome to redistribute it under certain conditions; type @samp{show c} for details.
-+This is free software, and you are welcome to redistribute it
-+under certain conditions; type @samp{show c} for details.
- @end smallexample
- 
- The hypothetical commands @samp{show w} and @samp{show c} should show
-@@ -721,5 +717,3 @@
- applications with the library.  If this is what you want to do, use
- the GNU Lesser General Public License instead of this License.  But
- first, please read @url{http://www.gnu.org/philosophy/why-not-lgpl.html}.
--
-- at end enumerate
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/gnupg.git/commitdiff/db44c396a9015e05da65269c530f80e938c584fe

More information about the pld-cvs-commit mailing list